No, the spell check isn’t broken and we are not talking about a quiet afternoon drowning worms at the local farm pond. Phishing and Pharming are methods of identity theft and are accomplished through means of bogus emails or a web site that appears to be a legitimate company. Victims are typically asked to provide personal information such as passwords, credit card numbers or their social security number in a reply email or at a web site that looks convincingly legitimate. The verbiage that you will typically see in an email or on a web site trying to obtain your personal information are as follows:
“We suspect an unauthorized transaction on your account.
To ensure that your account has not been compromised,
please click here to authenticate your personal profile.”
To ensure that your account has not been compromised,
please click here to authenticate your personal profile.”
“During our regular verification of accounts, we couldn’t verify your information.
Please click here to update and verify our records.”
Please click here to update and verify our records.”
Never reply or respond to any such request or solicitation. There are no legitimate credit card companies, financial institutions or retailers that will ever make such a request via email or through a website.
Above are examples of Pharming and Phishing schemes. Simply put, they are processes by which scam artists chum the water with millions of emails and / or instant messages, hoping a few fish will take the bait with very good success.
Here is how the process of stealing personal information unfolds. A user simply clicks on a legitimate looking link located contained within an email or website. Then the user will be redirected to a website cleverly disguised to appear legitimate, but in reality is running illegal computer code in the background, unbeknownst to the user. That code is silently searching your computer for personal or financial information that may be stored in a temporary file, a cookie, a word document, etc…
Another even more sinister technique exploits the vulnerability of the Internet’s domain name system (DNS). The DNS system exists to resolve internet names or hosts such as www.google.com to the actual server IP addresses: 64.233.161.104. A hacker can “poison” a DNS directory by altering it so that a familiar URL or web address becomes associated with a string of numbers pointing to a fraudulent website. The hacker then channels hundreds of unsuspecting victims into his trap, even though they typed the correct URL into their browser.
And worse yet, there are viruses that exist that can accomplish the same goal as DNS poisoning by rewriting your computer’s local host file. The local host file is a file that exists locally and helps resolve host names or website addresses to their respective IP addresses. This file is checked first by your web browser when browsing to a particular web site. If no entries are found, your system will then check with the DNS servers in its lists. If, however, a bogus entry is found, the result is the same. The thief directs you to a bogus website, obtains your bank login or other personal information and you have no idea until it is too late. When the hook is set, you are in for a long, grueling battle.
So how do you protect yourself? Actually, it’s pretty simple. Use a quality internet security suite like McAfee, Symantec or Trend Micro and keep it up-to-date. They all include anti-virus, anti-phishing, firewall, and other protection components. The key is to be sure that auto-updates are enabled and that the software is kept current.
Now add a little common sense:
1. Never reply to an email asking you to confirm your identity.
2. If you are the least bit suspect of an information request or message, hit the delete key!
3. Never click on hyperlinks within email messages. Type the URL into your browser, instead, and bookmark the site for future reference.
4. If a web site asked for your password and user ID and you do not fully trust the site, try inputting a bogus password. If it is accepted, you know something is wrong.
5. Most importantly, keep your web browser, messaging and security software up-to-date.
1. Shred all copies of bills, monthly statements, credit card offers, convenience checks, receipts, etc. before putting them in the trash or recycling them.
2. Opt-out of pre-approved credit offers by calling 1-888-5-OPTOUT.
3. Periodically review your credit report. New Jersey residents are entitled to get one free report per year from each of the major credit bureaus. You can get your free report at www.annualcreditreport.com.
4. Finally, if you choose to be more proactive, consider using the recently implemented NJ security freeze. The security freeze, signed into law by Former Governor Codey last year, enables New Jersey residents to prevent anyone from looking at his or her credit files for the purpose of granting credit, unless the resident specifically chooses to allow access to that information. Thieves cannot gain access to your credit report without knowing your PIN and potential creditors won’t extend credit without reviewing it. Under the New Jersey law, all consumers can place a security freeze on their credit files for free and lift it temporarily for $5 when applying for credit. New Jersey is now the 12th state to adopt some form of a security freeze law. Go to http://www.state.nj.us/dobi/creditfreeze.htm to learn more.
Already hooked?
Depending on what type of identity theft has occurred, there are several different agencies that you must contact in order to restore your identity and help bring the thieves to justice. Here is a list of some important agencies that will help you in that process.
· Your local police and file a fraud report.
· The Postal Inspection Service @ http://www.usps.gov/ncsc/locators/ if you have any indication or suspicion of mail fraud.
· The Social Security Administration @ 800 269-0271, if you think your SSN is being fraudulently used.
· Possibly the Internal Revenue Service @ 800 829-0433.
· The three major credit reporting companies:
Equifax @ 800 525-6285
Experian (formerly TRW) @ 888 397-3742
Trans Union @ 800 680-7289
· Banks, Cable TV, Credit Card, Internet Access, Financial Institutions, Telephone, Utility and other companies where you have established credit to either freeze accounts and or request a change of account numbers, passwords, user IDs, PINs, etc.
Want to learn more about identity theft and how you can avoid becoming a victim? Visit the U.S. Department of Justice web-site at http://www.usdoj.gov/criminal/fraud/idtheft.html .
Jaydien Network Solution
Email Us: info@jaydien.com
Call Us: 877.561.6734
35 Beaverson Blvd, Suite 3A
Brick, NJ 08723
Posts
No comments:
Post a Comment